Skip to main content
Error codes differ by product. Residential has a richer set of plan-limit and targeting errors; Datacenter has a tighter set focused on authentication and upstream failures plus SOCKS5 reply codes.

Residential

Authentication & request errors

400 Bad Request
standard
Your HTTP request is malformed. Check your proxy client is sending a valid HTTP CONNECT or request line.
407 Proxy Authentication Required
standard
Username or password is wrong, or your targeting modifiers contain an unrecognised value.Body: Incorrect username or password
417 Expectation Failed
standard
Your client sent an Expect: header the proxy can’t satisfy. Remove it or switch libraries.

Plan limit errors

452 Bandwidth Exceeded
custom
You’ve used all the bandwidth on your plan. Top up or upgrade from the dashboard.Body: exceeded bandwidth limit
453 Thread Limit Exceeded
custom
You’re making more concurrent connections than your plan allows. Lower concurrency or upgrade.Body: exceeded threads limit

Targeting errors

454 Invalid Country Code
custom
The country-<code> modifier isn’t a recognised country. Use lowercase ISO 3166-1 alpha-2 codes (e.g. us, de, jp).Body: invalid country code
454 Invalid State Code
custom
The state-<code> value isn’t recognised for the country you picked. Use the standard regional subdivision code.Body: invalid state code
454 Invalid City Code
custom
The city-<n> value isn’t recognised, or no IPs are available for that city. City names should be lowercase and concatenated (westlakevillage, not Westlake Village or westlake-village).Body: invalid city code
454 Invalid ASN
custom
The asn-<number> value isn’t in the supported ASN set, or no IPs are available for the combined geo + ASN targeting. Verify the ASN with whois or bgp.he.net. If the ASN is valid but no IPs are returning, widen your geo targeting.Body: invalid asn
455 Invalid TTL
custom
The ttl-<minutes> value is outside the allowed range. TTL must be a positive integer within the supported lifetime range.Body: invalid ttl

Upstream errors

502 Bad Gateway
standard
The target site couldn’t be reached. Could be DNS failure, target-side refusal, or a transient network issue. Retry with backoff.
500 Internal Server Error
standard
An unexpected error occurred. If you see this repeatedly, contact support with a timestamp.
503 Service Unavailable
standard
A transient internal error. Retry with backoff — if it persists, contact support.

Residential summary

CodeMeaningAction
400Bad requestFix client request format
407Auth failedCheck username / password
417Expectation failedRemove Expect: header
452Bandwidth exhaustedTop up plan
453Thread limit hitLower concurrency or upgrade
454Invalid country / state / city / ASNFix targeting modifier
455Invalid TTLUse a valid ttl-<minutes> value
500Internal errorContact support
502Upstream unreachableRetry with backoff
503Service unavailableRetry; contact support if persistent

Datacenter (HTTP)

400 Bad Request
standard
Malformed authentication — typically a bad Base64-encoded Proxy-Authorization header. Your proxy client is sending credentials in the wrong format. Regenerate or re-encode.
407 Proxy Authentication Required
standard
Missing, invalid, expired, or capped credentials. Common causes:
  • Username or password is wrong
  • Session credentials have expired
  • Plan bandwidth or thread limit reached
  • Account suspended or expired
Check the dashboard to confirm your plan status.
500 Internal Server Error
standard
Server-side error encountered after authentication succeeded. Inspect the X-Server-Error response header for a more specific reason.
curl -v -x "http://user:pass@dcp-eu.proxies.fo:10808" https://api.ipify.org
# Look for: < X-Server-Error: <reason>
If the header isn’t present or the reason isn’t clear, contact support with the request timestamp.

Datacenter HTTP summary

CodeMeaningAction
400Bad auth encodingCheck Base64 of Proxy-Authorization
407Auth failed / expired / cappedVerify creds and plan status
500Post-auth server errorInspect X-Server-Error header

Datacenter (SOCKS5)

SOCKS5 replies use single-byte reply codes in the response to the initial CONNECT or UDP ASSOCIATE request. These are standard SOCKS5 codes — most libraries surface them as descriptive error messages automatically.
0 — Succeeded
The connection was established. No error.
1 — Network Unreachable
The network to the target is unreachable from our upstream. Usually transient — retry with backoff.
2 — Host Unreachable
The specific host can’t be reached. DNS may have resolved, but no route to the destination. Check the target is up.
3 — Connection Refused
The target actively refused the connection. The target port may be closed, or the target is rejecting your traffic.
4 — Command Not Supported
You sent a SOCKS5 command we don’t support. Stick to CONNECT for TCP and UDP ASSOCIATE for UDP.

SOCKS5 summary

CodeMeaningAction
0Succeeded
1Network unreachableRetry with backoff
2Host unreachableCheck target availability
3Connection refusedTarget rejected — check port / target state
4Command not supportedUse CONNECT or UDP ASSOCIATE only

Handling errors in code

import requests

proxy = "http://adminpcowe-country-zz:maskxsndyb@pr-us.proxies.fo:13337"
proxies = {"http": proxy, "https": proxy}

try:
    r = requests.get("https://api.ipify.org", proxies=proxies, timeout=30)
    if r.status_code == 454:
        print("Targeting error:", r.text.strip())
    elif r.status_code == 452:
        print("Out of bandwidth — top up your plan")
    elif r.status_code == 453:
        print("Too many concurrent connections")
    elif r.status_code >= 500:
        print(f"Upstream issue ({r.status_code}) — retry with backoff")
    else:
        print(r.text)
except requests.exceptions.ProxyError as e:
    print("Auth failed — check credentials:", e)
Anything unexpected? Reach out on Telegram with a request timestamp.